Lucene search
+L

5 matches found

osv
osv
added 2026/04/27 6:33 p.m.12 views

JLSEC-2026-260 Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a...

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References7
redhat
redhat
added 2026/04/09 8:50 a.m.2 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS6.6AI score0.00403EPSS
Exploits1References4
redhat
redhat
added 2026/01/28 9:6 a.m.12 views

openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

A flaw was found in OpenSSL. A remote attacker can exploit this vulnerability by sending a specially crafted CompressedCertificate message during the TLS 1.3 handshake. This can cause excessive per-connection memory allocations, leading to resource exhaustion and a Denial of Service DoS for...

5.9CVSS5.8AI score0.00403EPSS
Exploits1References4
euvd
euvd
added 2026/01/27 4:1 p.m.3 views

EUVD-2025-206398

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

6AI score0.00403EPSS
Exploits1References5
osv
osv
added 2026/01/27 4:1 p.m.7 views

CVE-2025-66199 TLS 1.3 CompressedCertificate excessive memory allocation

Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...

5.9CVSS6.8AI score0.00403EPSS
Exploits1References7
Rows per page
Query Builder